All Vendors
attribution

Northbeam

Northbeam is an attribution vendor that uses machine learning models and a proprietary device graph to stitch cross-platform customer journeys, with direct data-sharing partnerships with major ad platforms including Meta and TikTok.

14 IOCs
0
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Northbeam discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Analysis pending. Findings will appear here once intelligence collection is complete.

Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

Pending Analysis

UNKNOWN
They Claim

Claims extraction pending

Observed Behavior

Awaiting contextual analysis

Customer Impact

What This Means For You

Organizations using Northbeam face revenue risk from attribution model dependency. Budget allocation decisions driven by opaque ML models cannot be independently audited by the merchant, creating a trust dependency on Northbeam's model accuracy. If attribution is systematically biased toward certain channels or away from others, the resulting budget misallocation compounds each reporting period. Compliance exposure is heightened by Northbeam's explicit disclaimer of consent responsibility. Merchants using Northbeam must independently ensure their consent architecture covers the full data lifecycle: pixel data collection, server-side transaction data sharing with Northbeam, cross-device identity resolution via the device graph, and downstream data flows to ad platforms through integrations like Apex. Any gap in this consent chain creates regulatory exposure that Northbeam has contractually disclaimed.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

Recommended Actions for Northbeam

  • - Demand transparency into Northbeam's attribution model methodology, including how Clicks + Modeled Views distributes credit for impressions versus clicks. - Audit the Apex integration to understand exactly what data flows to Meta and confirm contractual guarantees around aggregation and PII exclusion. - Assess whether your consent architecture explicitly covers data sharing with Northbeam and downstream flows to ad platforms, given Northbeam provides no consent tooling. - Request documentation on device graph data isolation practices: confirm whether behavioral data from your properties informs identity resolution for other Northbeam customers. - Compare Northbeam attribution outputs against platform-native reporting and backend transaction data to identify systematic model bias.

Negotiation Leverage

  • Northbeam's explicit disclaimer of consent responsibility is a significant leverage point in contract negotiations. Demand contractual indemnification for data protection violations arising from Northbeam's data processing, given the vendor provides no consent tooling but facilitates data flows that require consent. Request a Data Protection Impact Assessment covering the full data lifecycle from pixel to ad platform integration.
  • Key questions: How is data isolated between competing merchants in the device graph? What specific data does Apex share with Meta, and does "aggregated" mean truly anonymized or merely grouped? If a consumer exercises a deletion right under GDPR or CCPA, how does Northbeam propagate that deletion across its device graph and downstream integrations? Can you opt out of specific ad platform integrations while maintaining attribution functionality? These questions test the gap between Northbeam's clean room marketing and its operational data architecture.
IOC Manifest

IOC Manifest

14 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*j.northbeam.io/ota-sp/*-8def-4c0d-9ef5-*.js*
Tracking script
TRACK
*j.northbeam.io/vendor/nb-sp.js*
Tracking script
TRACK
j.northbeam.io/ota-sp/784e39f5-8def-4c0d-9ef5-9b06d0eb9d8d.js
Auto-extracted from scan
TRACK
j.northbeam.io/vendor/nb-sp.min.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Northbeam has built formal data partnerships with major ad platforms: Meta, TikTok, Snapchat, Pinterest, Axon, MNTN, and Vibe. The Apex integration with Meta represents the deepest partnership, providing Meta with access to Northbeam's attribution model outputs. These partnerships are bidirectional: Northbeam receives impression and view data from platforms, while platforms receive attribution insights from Northbeam. On the merchant side, Northbeam ingests data from ecommerce backends and connects with analytics platforms. The platform's device graph operates across its entire customer base, meaning identity resolution for one merchant may benefit from behavioral data observed on other merchant properties. This cross-merchant data utility is a core architectural feature that creates network effects but also raises questions about data isolation between competing merchants.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

14 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details